Below is a recap of of WordPress security vulnerabilities and other software exploits from around the Web in August 2019.

If you have any of the plugins or themes installed on your website, or use any of the software mentioned, update them to the most current version as soon as possible.  In some cases their has been no solution provided by the developer and we strongly urge you to remove the theme/plugin/software and find an alternate solution.

Remember that outdated software is the number one reasons websites and devices get hacked.

WordPress Plugin Vulnerabilities:

CformsII

Email Subscribers & Newsletters

301 Redirects Addon Bulk Uploader

Give

JoomSport

Login or Logout Menu Item

ND Booking

ND Donations

ND Learning Courses

Popup Builder

PPOM for WooCommerce

Ultimate Member

Woody Ad Snippets

WP Fastest Cache

WordPress Theme Vulnerabilities:

Real Estate 7

Breaches From Around the Web

Microsoft Bluetooth Vulnerability

Microsoft’s August security patch included a fix for an Encryption Key Negotiation of Bluetooth Vulnerability. The exploit makes it easier for an attacker to brute force the Bluetooth session and the decrypt the traffic between devices. Be sure to apply the August security patch.

Suprema’s Biostar 2 Insecurely Stores 27.8 Million Biometrics Credentials

Security researchers Noam Rotem, Ran Locar, and vpnMentor discovered the unencrypted database containing sensitive information about companies and their employees. After breaching the database, the researches were able to find employees personal information, usernames and passwords. vpnMentor also mentions that their team got their hands on over a million facial and fingerprint records.

Thanks to iThemes for compiling this information!

[optin-monster-shortcode id=”yb8cjlx2u7mik93fvgvb”]